package net.xxcl.news.business;

import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import net.xxcl.news.pojo.User;
import net.xxcl.news.util.DBConnection;

/**
 * @author Administrator
 * 用户的业务逻辑类
 */
public class UserBiz {
	
	/**
	 * 登录验证方法，返回的user为空则登录失败，不为空登录成功
	 * @param name
	 * @param password
	 * @return
	 */
	public User login(String name,String password){
		DBConnection dbConnection = new DBConnection();
		User user = null;
		try {
			String sql = "select * from user where name=? and password=?";
			PreparedStatement pstmt = dbConnection.getConnection().prepareStatement(sql);
			pstmt.setString(1, name);
			pstmt.setString(2, password);
			ResultSet rs = pstmt.executeQuery();
			if(rs.next()){
				user = new User();
				user.setId(rs.getInt("id"));
				user.setName(name);
				user.setPassword(password);
			}
		} catch (SQLException e) {
			e.printStackTrace();
		} finally {
			dbConnection.close();
		}
		return user;
	}
	
}
